Node Express can't set session with post request

Question

I use node express 4.0 to implement a message code verify function. I use session to store the msg code I send. I set up the session middleware as dos said：

app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
    extended: false
}));
app.use(cookieParser());
app.use(session({secret:'ssssss'}));
app.use(express.static(path.join(__dirname, 'public')));
app.use('/uploads', express.static(path.join(__dirname, 'uploads/temp')));

but when I use post method get the msg code, I found that the session didn't set successfully.

Like this code below:

router.post('/msgCode', function(req, res) {
   req.session.test = 'test';
   // request send msg code api then response
}

when I repost this router I found that the req.session.test is undefined.

then I try this in another router:

router.get('/sendMsgTest', function(req, res) {
    req.session.test = 'test';
    res.json({
        status:0
    })
}

every time I request sendMsgTest, I can get req.session.test. And when I request another get method, I can get req.session.test value successfully.

So why is it my post method didn't work?

Hi Jack, where you able to fix this problem? I'm actually having the exact same issue you are describing! Thanks — luanped, Feb 28 '16 at 20:31
did you check if router.post is being called, such as inserting a console.log('test done') inside router.post function ? can you post your client html/js code ? — Tarciso Junior, May 18 '16 at 18:51

score 3 · Answer 1 · answered Aug 28 '17 at 21:11

I had the same issue. I've been using fetch for requests and it does not send cookies by default, so I got different cookie ids for GET and POST requests. The solution was:

fetch(url, {
  credentials: 'same-origin' // or 'include'
});

See https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials for more info.

score 1 · Answer 2 · answered May 24 '16 at 05:00

you just try the session.save() , and in express 4 you must mention "resave" ,"saveUninitialized"

var session = require('express-session');
app.use(session({secret: 'keyboard cat', resave: false, saveUninitialized: true,cookie: { path: '/', httpOnly: true, maxAge: 30 * 30000 },rolling: true}));

router.post('/savesession', function (req, res) {
req.session.user = 'user';
req.session.save()
res.json(req.session.user);
});

router.get('/getsession', function (req, res) {
res.json(req.session.user);
});

The above code not working for me. what version of express-session are you using. — KARTHIKEYAN.A, Jun 19 '22 at 13:26

score 0 · Answer 3 · answered May 18 '16 at 20:06

You don't mention how you're calling the POST route. Are you sending the session cookie along with the POST request? Also, what type of response is the POST method returning?

(in app.js)

var session = require('express-session');
app.use(session({
  secret: 'sooper_secret',
  resave: false,
  saveUninitialized: false
}));

(in routes/index.js)

router.post('/post', function (req, res) {
    req.session.test = 'test';
    res.json({success: true});
});

router.get('/get', function (req, res) {
    const results = {
        sessionData: req.session.test || 'session data not found'
    };
    res.json(results);
});

(command line)

% curl -X POST localhost:3000/post --cookie-jar test.cookie
% {"success":true}

% curl localhost:3000/get --cookie test.cookie
% {"sessionData":"test"}

Yes you are right. It was client thing. It works from postman but not from my angular 2. app Must be something in the header being sent from angular 2 not allow a session to be stored. Do you know what that can be? — Joe, May 18 '16 at 21:43
@PerStröm http://stackoverflow.com/questions/17064791/http-doesnt-send-cookie-in-requests looks legit — endemic, May 19 '16 at 15:24

Node Express can't set session with post request

3 Answers3